diff options
Diffstat (limited to 'bin/tests/system/xfer')
31 files changed, 1726 insertions, 0 deletions
diff --git a/bin/tests/system/xfer/ans5/badkeydata b/bin/tests/system/xfer/ans5/badkeydata new file mode 100644 index 0000000..8dc80fb --- /dev/null +++ b/bin/tests/system/xfer/ans5/badkeydata @@ -0,0 +1,10 @@ +/SOA tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 3 300 300 604800 300 +/AXFR tsig_key abcd1234ffff/ +nil. 300 SOA ns.nil. root.nil. 3 300 300 604800 300 +/AXFR tsig_key abcd1234ffff/ +nil. 300 NS ns.nil. +nil. 300 TXT "bad keydata AXFR" +a.nil. 60 A 10.0.0.61 +/AXFR tsig_key abcd1234ffff/ +nil. 300 SOA ns.nil. root.nil. 3 300 300 604800 300 diff --git a/bin/tests/system/xfer/ans5/badmessageid b/bin/tests/system/xfer/ans5/badmessageid new file mode 100644 index 0000000..e0dc041 --- /dev/null +++ b/bin/tests/system/xfer/ans5/badmessageid @@ -0,0 +1,10 @@ +/SOA tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300 +/AXFR tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300 +/AXFR bad-id tsig_key LSAnCU+Z/ +nil. 300 NS ns.nil. +nil. 300 TXT "bad message id" +a.nil. 60 A 10.0.0.61 +/AXFR bad-id tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300 diff --git a/bin/tests/system/xfer/ans5/goodaxfr b/bin/tests/system/xfer/ans5/goodaxfr new file mode 100644 index 0000000..e5ccd43 --- /dev/null +++ b/bin/tests/system/xfer/ans5/goodaxfr @@ -0,0 +1,10 @@ +/SOA tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300 +/AXFR tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300 +/AXFR tsig_key LSAnCU+Z/ +nil. 300 NS ns.nil. +nil. 300 TXT "initial AXFR" +a.nil. 60 A 10.0.0.61 +/AXFR tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300 diff --git a/bin/tests/system/xfer/ans5/partial b/bin/tests/system/xfer/ans5/partial new file mode 100644 index 0000000..e7eff8e --- /dev/null +++ b/bin/tests/system/xfer/ans5/partial @@ -0,0 +1,11 @@ +/SOA tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 4 300 300 604800 300 +/AXFR tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 4 300 300 604800 300 +/AXFR/ +nil. 300 NS ns.nil. +nil. 300 TXT "partially signed AXFR" +a.nil. 60 A 10.0.0.61 +b.nil. 60 A 10.0.0.62 +/AXFR/ +nil. 300 SOA ns.nil. root.nil. 4 300 300 604800 300 diff --git a/bin/tests/system/xfer/ans5/soamismatch b/bin/tests/system/xfer/ans5/soamismatch new file mode 100644 index 0000000..14cfa41 --- /dev/null +++ b/bin/tests/system/xfer/ans5/soamismatch @@ -0,0 +1,10 @@ +/SOA tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300 +/AXFR tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300 +/AXFR tsig_key LSAnCU+Z/ +nil. 300 NS ns.nil. +nil. 300 TXT "SOA mismatch AXFR" +a.nil. 60 A 10.0.0.61 +/AXFR tsig_key LSAnCU+Z/ +nil. 300 SOA whatever. other. 1 300 300 604800 300 diff --git a/bin/tests/system/xfer/ans5/unknownkey b/bin/tests/system/xfer/ans5/unknownkey new file mode 100644 index 0000000..da7889b --- /dev/null +++ b/bin/tests/system/xfer/ans5/unknownkey @@ -0,0 +1,11 @@ +/SOA bad_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 5 300 300 604800 300 +/AXFR bad_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 5 300 300 604800 300 +/AXFR bad_key LSAnCU+Z/ +nil. 300 NS ns.nil. +nil. 300 TXT "unknown key AXFR" +a.nil. 60 A 10.0.0.61 +b.nil. 60 A 10.0.0.62 +/AXFR bad_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 5 300 300 604800 300 diff --git a/bin/tests/system/xfer/ans5/unsigned b/bin/tests/system/xfer/ans5/unsigned new file mode 100644 index 0000000..3fe04db --- /dev/null +++ b/bin/tests/system/xfer/ans5/unsigned @@ -0,0 +1,11 @@ +/SOA tsig_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 2 300 300 604800 300 +/AXFR/ +nil. 300 SOA ns.nil. root.nil. 2 300 300 604800 300 +/AXFR/ +nil. 300 NS ns.nil. +nil. 300 TXT "unsigned AXFR" +a.nil. 60 A 10.0.0.61 +b.nil. 60 A 10.0.0.62 +/AXFR/ +nil. 300 SOA ns.nil. root.nil. 2 300 300 604800 300 diff --git a/bin/tests/system/xfer/ans5/wrongkey b/bin/tests/system/xfer/ans5/wrongkey new file mode 100644 index 0000000..af120b0 --- /dev/null +++ b/bin/tests/system/xfer/ans5/wrongkey @@ -0,0 +1,11 @@ +/SOA unused_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 6 300 300 604800 300 +/AXFR unused_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 6 300 300 604800 300 +/AXFR unused_key LSAnCU+Z/ +nil. 300 NS ns.nil. +nil. 300 TXT "incorrect key AXFR" +a.nil. 60 A 10.0.0.61 +b.nil. 60 A 10.0.0.62 +/AXFR unused_key LSAnCU+Z/ +nil. 300 SOA ns.nil. root.nil. 6 300 300 604800 300 diff --git a/bin/tests/system/xfer/axfr-stats.good b/bin/tests/system/xfer/axfr-stats.good new file mode 100644 index 0000000..264af09 --- /dev/null +++ b/bin/tests/system/xfer/axfr-stats.good @@ -0,0 +1,3 @@ +messages=16 +records=10003 +bytes=218227 diff --git a/bin/tests/system/xfer/clean.sh b/bin/tests/system/xfer/clean.sh new file mode 100644 index 0000000..2851553 --- /dev/null +++ b/bin/tests/system/xfer/clean.sh @@ -0,0 +1,39 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +# +# Clean up after zone transfer tests. +# + +rm -f */ans.run +rm -f */named.conf +rm -f */named.memstats +rm -f */named.run +rm -f */named.run.prev +rm -f axfr.out +rm -f dig.out.* +rm -f ns*/managed-keys.bind* +rm -f ns*/named.lock +rm -f ns1/edns-expire.db +rm -f ns1/ixfr-too-big.db ns1/ixfr-too-big.db.jnl +rm -f ns1/sec.db ns2/sec.db +rm -f ns2/example.db ns2/tsigzone.db ns2/example.db.jnl +rm -f ns2/mapped.db +rm -f ns3/example.bk ns3/xfer-stats.bk ns3/tsigzone.bk ns3/example.bk.jnl +rm -f ns3/mapped.bk +rm -f ns3/primary.bk ns3/primary.bk.jnl +rm -f ns4/*.db ns4/*.jnl +rm -f ns6/*.db ns6/*.bk ns6/*.jnl +rm -f ns7/*.db ns7/*.bk ns7/*.jnl +rm -f ns8/large.db ns8/small.db +rm -f stats.* diff --git a/bin/tests/system/xfer/dig1.good b/bin/tests/system/xfer/dig1.good new file mode 100644 index 0000000..9fa5437 --- /dev/null +++ b/bin/tests/system/xfer/dig1.good @@ -0,0 +1,178 @@ +example. 86400 IN SOA ns2.example. hostmaster.example. 1397051952 5 5 1814400 3600 +example. 3600 IN NS ns2.example. +example. 3600 IN NS ns3.example. +a01.example. 3600 IN A 0.0.0.0 +a02.example. 3600 IN A 255.255.255.255 +a601.example. 3600 IN A6 0 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff +a601.example. 3600 IN A6 64 ::ffff:ffff:ffff:ffff foo. +a601.example. 3600 IN A6 127 ::1 foo. +a601.example. 3600 IN A6 128 . +aaaa01.example. 3600 IN AAAA ::1 +aaaa02.example. 3600 IN AAAA fd92:7065:b8e:ffff::5 +afsdb01.example. 3600 IN AFSDB 0 hostname.example. +afsdb02.example. 3600 IN AFSDB 65535 . +amtrelay01.example. 3600 IN AMTRELAY 0 0 0 +amtrelay02.example. 3600 IN AMTRELAY 0 1 0 +amtrelay03.example. 3600 IN AMTRELAY 0 0 1 0.0.0.0 +amtrelay04.example. 3600 IN AMTRELAY 0 0 2 :: +amtrelay05.example. 3600 IN AMTRELAY 0 0 3 example.net. +amtrelay06.example. 3600 IN AMTRELAY \# 2 0004 +apl01.example. 3600 IN APL !1:10.0.0.1/32 1:10.0.0.0/24 +apl02.example. 3600 IN APL +atma01.example. 3600 IN ATMA +61200000000 +atma02.example. 3600 IN ATMA +61200000000 +atma03.example. 3600 IN ATMA 1234567890abcdef +atma04.example. 3600 IN ATMA fedcba0987654321 +avc.example. 3600 IN AVC "foo:bar" +caa01.example. 3600 IN CAA 0 issue "ca.example.net; policy=ev" +caa02.example. 3600 IN CAA 128 tbs "Unknown" +caa03.example. 3600 IN CAA 128 tbs "" +cdnskey01.example. 3600 IN CDNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8= +cds01.example. 3600 IN CDS 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9 +cert01.example. 3600 IN CERT 65534 65535 PRIVATEOID MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgiWCn/GxHhai6V AuHAoNUz4YoU1tVfSCSqQYn6//11U6Nld80jEeC8aTrO+KKmCaY= +cname01.example. 3600 IN CNAME cname-target. +cname02.example. 3600 IN CNAME cname-target.example. +cname03.example. 3600 IN CNAME . +csync01.example. 3600 IN CSYNC 0 0 A NS AAAA +csync02.example. 3600 IN CSYNC 0 0 +dhcid01.example. 3600 IN DHCID AAIBY2/AuCccgoJbsaxcQc9TUapptP69lOjxfNuVAA2kjEA= +dhcid02.example. 3600 IN DHCID AAEBOSD+XR3Os/0LozeXVqcNc7FwCfQdWL3b/NaiUDlW2No= +dhcid03.example. 3600 IN DHCID AAABxLmlskllE0MVjd57zHcWmEH3pCQ6VytcKD//7es/deY= +dlv.example. 3600 IN DLV 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9 +dname01.example. 3600 IN DNAME dname-target. +dname02.example. 3600 IN DNAME dname-target.example. +dname03.example. 3600 IN DNAME . +doa01.example. 3600 IN DOA 1234567890 1234567890 1 "image/gif" R0lGODlhKAAZAOMCAGZmZgBmmf///zOZzMz//5nM/zNmmWbM/5nMzMzMzACZ/////////////////////yH5BAEKAA8ALAAAAAAoABkAAATH8IFJK5U2a4337F5ogRkpnoCJrly7PrCKyh8c3HgAhzT35MDbbtO7/IJIHbGiOiaTxVTpSVWWLqNq1UVyapNS1wd3OAxug0LhnCubcVhsxysQnOt4ATpvvzHlFzl1AwODhWeFAgRpen5/UhheAYMFdUB4SFcpGEGGdQeCAqBBLTuSk30EeXd9pEsAbKGxjHqDSE0Sp6ixN4N1BJmbc7lIhmsBich1awPAjkY1SZR8bJWrz382SGqIBQQFQd4IsUTaX+ceuudPEQA7 +doa02.example. 3600 IN DOA 0 1 2 "" aHR0cHM6Ly93d3cuaXNjLm9yZy8= +ds01.example. 3600 IN NS ns42.example. +ds01.example. 3600 IN DS 12892 5 2 26584835CA80C81C91999F31CFAF2A0E89D4FF1C8FAFD0DDB31A85C7 19277C13 +ds02.example. 3600 IN NS ns43.example. +ds02.example. 3600 IN DS 12892 5 1 7AA4A3F416C2F2391FB7AB0D434F762CD62D1390 +eid01.example. 3600 IN EID 1289AB +eui48.example. 3600 IN EUI48 01-23-45-67-89-ab +eui64.example. 3600 IN EUI64 01-23-45-67-89-ab-cd-ef +gid01.example. 3600 IN GID \# 1 03 +unspec01.example. 3600 IN UNSPEC \# 1 04 +gpos01.example. 3600 IN GPOS "-22.6882" "116.8652" "250.0" +gpos02.example. 3600 IN GPOS "" "" "" +hinfo01.example. 3600 IN HINFO "Generic PC clone" "NetBSD-1.4" +hinfo02.example. 3600 IN HINFO "PC" "NetBSD" +hip1.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D +hip2.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D rvs.example.com. +https0.example. 3600 IN HTTPS 0 example.net. +https1.example. 3600 IN HTTPS 1 . port=60 +ipseckey01.example. 3600 IN IPSECKEY 10 1 2 192.0.2.38 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== +ipseckey02.example. 3600 IN IPSECKEY 10 0 2 . AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== +ipseckey03.example. 3600 IN IPSECKEY 10 1 2 192.0.2.3 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== +ipseckey04.example. 3600 IN IPSECKEY 10 3 2 mygateway.example.com. AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== +ipseckey05.example. 3600 IN IPSECKEY 10 2 2 2001:db8:0:8002::2000:1 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== +isdn01.example. 3600 IN ISDN "isdn-address" +isdn02.example. 3600 IN ISDN "isdn-address" "subaddress" +isdn03.example. 3600 IN ISDN "isdn-address" +isdn04.example. 3600 IN ISDN "isdn-address" "subaddress" +dnskey01.example. 3600 IN DNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8= +keydata.example. 3600 IN TYPE65533 \# 0 +keydata.example. 3600 IN TYPE65533 \# 6 010203040506 +keydata.example. 3600 IN TYPE65533 \# 18 010203040506010203040506010203040506 +kx01.example. 3600 IN KX 10 kdc.example. +kx02.example. 3600 IN KX 10 . +loc01.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m +loc02.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m +l32.example. 3600 IN L32 10 1.2.3.4 +l64.example. 3600 IN L64 10 14:4fff:ff20:ee64 +lp.example. 3600 IN LP 10 example.net. +nid.example. 3600 IN NID 10 14:4fff:ff20:ee64 +mb01.example. 3600 IN MG madname.example. +mb02.example. 3600 IN MG . +mg01.example. 3600 IN MG mgmname.example. +mg02.example. 3600 IN MG . +minfo01.example. 3600 IN MINFO rmailbx.example. emailbx.example. +minfo02.example. 3600 IN MINFO . . +mr01.example. 3600 IN MR mrname.example. +mr02.example. 3600 IN MR . +mx01.example. 3600 IN MX 10 mail.example. +mx02.example. 3600 IN MX 10 . +naptr01.example. 3600 IN NAPTR 0 0 "" "" "" . +naptr02.example. 3600 IN NAPTR 65535 65535 "blurgh" "blorf" "blllbb" foo. +nimloc01.example. 3600 IN NIMLOC 1289AB +ninfo01.example. 3600 IN NINFO "foo" +ninfo02.example. 3600 IN NINFO "foo" "bar" +ninfo03.example. 3600 IN NINFO "foo" +ninfo04.example. 3600 IN NINFO "foo" "bar" +ninfo05.example. 3600 IN NINFO "foo bar" +ninfo06.example. 3600 IN NINFO "foo bar" +ninfo07.example. 3600 IN NINFO "foo bar" +ninfo08.example. 3600 IN NINFO "foo\010bar" +ninfo09.example. 3600 IN NINFO "foo\010bar" +ninfo10.example. 3600 IN NINFO "foo bar" +ninfo11.example. 3600 IN NINFO "\"foo\"" +ninfo12.example. 3600 IN NINFO "\"foo\"" +ninfo13.example. 3600 IN NINFO "foo;" +ninfo14.example. 3600 IN NINFO "foo;" +ninfo15.example. 3600 IN NINFO "bar\\;" +ns2.example. 3600 IN A 10.53.0.2 +ns3.example. 3600 IN A 10.53.0.3 +nsap-ptr01.example. 3600 IN NSAP-PTR . +nsap-ptr01.example. 3600 IN NSAP-PTR foo. +nsap01.example. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100 +nsap02.example. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100 +nsec01.example. 3600 IN NSEC a.secure.nil. NS SOA MX LOC RRSIG NSEC DNSKEY +nsec02.example. 3600 IN NSEC . NSAP-PTR NSEC +nsec03.example. 3600 IN NSEC . A +nsec04.example. 3600 IN NSEC . TYPE127 +openpgpkey.example. 3600 IN OPENPGPKEY AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8= +ptr01.example. 3600 IN PTR example. +px01.example. 3600 IN PX 65535 foo. bar. +px02.example. 3600 IN PX 65535 . . +rkey01.example. 3600 IN RKEY 0 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8= +rp01.example. 3600 IN RP mbox-dname.example. txt-dname.example. +rp02.example. 3600 IN RP . . +rt01.example. 3600 IN RT 0 intermediate-host.example. +rt02.example. 3600 IN RT 65535 . +rrsig01.example. 3600 IN RRSIG NSEC 1 3 3600 20000102030405 19961211100908 2143 foo.nil. MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgiWCn/GxHhai6V AuHAoNUz4YoU1tVfSCSqQYn6//11U6Nld80jEeC8aTrO+KKmCaY= +spf01.example. 3600 IN SPF "v=spf1 -all" +spf02.example. 3600 IN SPF "v=spf1" " -all" +sshfp01.example. 3600 IN SSHFP 4 2 C76D8329954DA2835751E371544E963EFDA099080D6C58DD2BFD9A31 6E162C83 +sshfp02.example. 3600 IN SSHFP 1 2 BF29468C83AC58CCF8C85AB7B3BEB054ECF1E38512B8353AB36471FA 88961DCC +sink01.example. 3600 IN SINK 1 0 0 +sink02.example. 3600 IN SINK 8 0 2 l4ik +smimea.example. 3600 IN SMIMEA 1 1 2 92003BA34942DC74152E2F2C408D29ECA5A520E7F2E06BB944F4DCA3 46BAF63C1B177615D466F6C4B71C216A50292BD58C9EBDD2F74E38FE 51FFD48C43326CBC +srv01.example. 3600 IN SRV 0 0 0 . +srv02.example. 3600 IN SRV 65535 65535 65535 old-slow-box.example. +svcb0.example. 3600 IN SVCB 0 example.net. +svcb1.example. 3600 IN SVCB 1 . port=60 +ta.example. 3600 IN TA 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9 +talink0.example. 3600 IN TALINK . talink1.example. +talink1.example. 3600 IN TALINK talink0.example. talink2.example. +talink2.example. 3600 IN TALINK talink2.example. . +tlsa.example. 3600 IN TLSA 1 1 2 92003BA34942DC74152E2F2C408D29ECA5A520E7F2E06BB944F4DCA3 46BAF63C1B177615D466F6C4B71C216A50292BD58C9EBDD2F74E38FE 51FFD48C43326CBC +txt01.example. 3600 IN TXT "foo" +txt02.example. 3600 IN TXT "foo" "bar" +txt03.example. 3600 IN TXT "foo" +txt04.example. 3600 IN TXT "foo" "bar" +txt05.example. 3600 IN TXT "foo bar" +txt06.example. 3600 IN TXT "foo bar" +txt07.example. 3600 IN TXT "foo bar" +txt08.example. 3600 IN TXT "foo\010bar" +txt09.example. 3600 IN TXT "foo\010bar" +txt10.example. 3600 IN TXT "foo bar" +txt11.example. 3600 IN TXT "\"foo\"" +txt12.example. 3600 IN TXT "\"foo\"" +txt13.example. 3600 IN TXT "foo;" +txt14.example. 3600 IN TXT "foo;" +txt15.example. 3600 IN TXT "bar\\;" +uid01.example. 3600 IN UID \# 1 02 +uinfo01.example. 3600 IN UINFO \# 1 01 +uri01.example. 3600 IN URI 10 20 "https://www.isc.org/" +uri02.example. 3600 IN URI 30 40 "https://www.isc.org/HolyCowThisSureIsAVeryLongURIRecordIDontEvenKnowWhatSomeoneWouldEverWantWithSuchAThingButTheSpecificationRequiresThatWesupportItSoHereWeGoTestingItLaLaLaLaLaLaLaSeriouslyThoughWhyWouldYouEvenConsiderUsingAURIThisLongItSeemsLikeASillyIdeaButEnhWhatAreYouGonnaDo/" +uri03.example. 3600 IN URI 30 40 "" +wks01.example. 3600 IN WKS 10.0.0.1 6 0 1 2 21 23 +wks02.example. 3600 IN WKS 10.0.0.1 17 0 1 2 53 +wks03.example. 3600 IN WKS 10.0.0.2 6 65535 +x2501.example. 3600 IN X25 "123456789" +zonemd01.example. 3600 IN ZONEMD 2019020700 1 1 C220B8A6ED5728A971902F7E3D4FD93ADEEA88B0453C2E8E8C863D46 5AB06CF34EB95B266398C98B59124FA239CB7EEB +zonemd02.example. 3600 IN ZONEMD 2019020700 1 2 08CFA1115C7B948C4163A901270395EA226A930CD2CBCF2FA9A5E6EB 85F37C8A4E114D884E66F176EAB121CB02DB7D652E0CC4827E7A3204 F166B47E5613FD27 +8f1tmio9avcom2k0frp92lgcumak0cad.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C 8FPNS2UCT7FBS643THP2B77PEQ77K6IU A NS SOA MX AAAA RRSIG DNSKEY NSEC3PARAM +kcd3juae64f9c5csl1kif1htaui7un0g.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C KD5MN2M20340DGO0BL7NTSB8JP4BSC7E +mr5ukvsk1l37btu4q7b1dfevft4hkqdk.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C MT38J6VG7S0SN5G17MCUF6IQIKFUAJ05 A AAAA RRSIG +example. 86400 IN SOA ns2.example. hostmaster.example. 1397051952 5 5 1814400 3600 diff --git a/bin/tests/system/xfer/dig2.good b/bin/tests/system/xfer/dig2.good new file mode 100644 index 0000000..2229f9c --- /dev/null +++ b/bin/tests/system/xfer/dig2.good @@ -0,0 +1,178 @@ +example. 86400 IN SOA ns2.example. hostmaster.example. 1397051953 5 5 1814400 3600 +example. 3600 IN NS ns2.example. +example. 3600 IN NS ns3.example. +a01.example. 3600 IN A 0.0.0.1 +a02.example. 3600 IN A 255.255.255.255 +a601.example. 3600 IN A6 0 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff +a601.example. 3600 IN A6 64 ::ffff:ffff:ffff:ffff foo. +a601.example. 3600 IN A6 127 ::1 foo. +a601.example. 3600 IN A6 128 . +aaaa01.example. 3600 IN AAAA ::1 +aaaa02.example. 3600 IN AAAA fd92:7065:b8e:ffff::5 +afsdb01.example. 3600 IN AFSDB 0 hostname.example. +afsdb02.example. 3600 IN AFSDB 65535 . +amtrelay01.example. 3600 IN AMTRELAY 0 0 0 +amtrelay02.example. 3600 IN AMTRELAY 0 1 0 +amtrelay03.example. 3600 IN AMTRELAY 0 0 1 0.0.0.1 +amtrelay04.example. 3600 IN AMTRELAY 0 0 2 :: +amtrelay05.example. 3600 IN AMTRELAY 0 0 3 example.net. +amtrelay06.example. 3600 IN AMTRELAY \# 2 0004 +apl01.example. 3600 IN APL !1:10.0.0.1/32 1:10.0.0.1/24 +apl02.example. 3600 IN APL +atma01.example. 3600 IN ATMA +61200000000 +atma02.example. 3600 IN ATMA +61200000000 +atma03.example. 3600 IN ATMA 1234567890abcdef +atma04.example. 3600 IN ATMA fedcba0987654321 +avc.example. 3600 IN AVC "foo:bar" +caa01.example. 3600 IN CAA 0 issue "ca.example.net; policy=ev" +caa02.example. 3600 IN CAA 128 tbs "Unknown" +caa03.example. 3600 IN CAA 128 tbs "" +cdnskey01.example. 3600 IN CDNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8= +cds01.example. 3600 IN CDS 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9 +cert01.example. 3600 IN CERT 65534 65535 PRIVATEOID MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgiWCn/GxHhai6V AuHAoNUz4YoU1tVfSCSqQYn6//11U6Nld80jEeC8aTrO+KKmCaY= +cname01.example. 3600 IN CNAME cname-target. +cname02.example. 3600 IN CNAME cname-target.example. +cname03.example. 3600 IN CNAME . +csync01.example. 3600 IN CSYNC 0 0 A NS AAAA +csync02.example. 3600 IN CSYNC 0 0 +dhcid01.example. 3600 IN DHCID AAIBY2/AuCccgoJbsaxcQc9TUapptP69lOjxfNuVAA2kjEA= +dhcid02.example. 3600 IN DHCID AAEBOSD+XR3Os/0LozeXVqcNc7FwCfQdWL3b/NaiUDlW2No= +dhcid03.example. 3600 IN DHCID AAABxLmlskllE0MVjd57zHcWmEH3pCQ6VytcKD//7es/deY= +dlv.example. 3600 IN DLV 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9 +dname01.example. 3600 IN DNAME dname-target. +dname02.example. 3600 IN DNAME dname-target.example. +dname03.example. 3600 IN DNAME . +doa01.example. 3600 IN DOA 1234567890 1234567890 1 "image/gif" R0lGODlhKAAZAOMCAGZmZgBmmf///zOZzMz//5nM/zNmmWbM/5nMzMzMzACZ/////////////////////yH5BAEKAA8ALAAAAAAoABkAAATH8IFJK5U2a4337F5ogRkpnoCJrly7PrCKyh8c3HgAhzT35MDbbtO7/IJIHbGiOiaTxVTpSVWWLqNq1UVyapNS1wd3OAxug0LhnCubcVhsxysQnOt4ATpvvzHlFzl1AwODhWeFAgRpen5/UhheAYMFdUB4SFcpGEGGdQeCAqBBLTuSk30EeXd9pEsAbKGxjHqDSE0Sp6ixN4N1BJmbc7lIhmsBich1awPAjkY1SZR8bJWrz382SGqIBQQFQd4IsUTaX+ceuudPEQA7 +doa02.example. 3600 IN DOA 0 1 2 "" aHR0cHM6Ly93d3cuaXNjLm9yZy8= +ds01.example. 3600 IN NS ns42.example. +ds01.example. 3600 IN DS 12892 5 2 26584835CA80C81C91999F31CFAF2A0E89D4FF1C8FAFD0DDB31A85C7 19277C13 +ds02.example. 3600 IN NS ns43.example. +ds02.example. 3600 IN DS 12892 5 1 7AA4A3F416C2F2391FB7AB0D434F762CD62D1390 +eid01.example. 3600 IN EID 1289AB +eui48.example. 3600 IN EUI48 01-23-45-67-89-ab +eui64.example. 3600 IN EUI64 01-23-45-67-89-ab-cd-ef +gid01.example. 3600 IN GID \# 1 03 +unspec01.example. 3600 IN UNSPEC \# 1 04 +gpos01.example. 3600 IN GPOS "-22.6882" "116.8652" "250.0" +gpos02.example. 3600 IN GPOS "" "" "" +hinfo01.example. 3600 IN HINFO "Generic PC clone" "NetBSD-1.4" +hinfo02.example. 3600 IN HINFO "PC" "NetBSD" +ipseckey01.example. 3600 IN IPSECKEY 10 1 2 192.0.2.38 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== +ipseckey02.example. 3600 IN IPSECKEY 10 0 2 . AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== +ipseckey03.example. 3600 IN IPSECKEY 10 1 2 192.0.2.3 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== +ipseckey04.example. 3600 IN IPSECKEY 10 3 2 mygateway.example.com. AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== +ipseckey05.example. 3600 IN IPSECKEY 10 2 2 2001:db8:0:8002::2000:1 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== +isdn01.example. 3600 IN ISDN "isdn-address" +isdn02.example. 3600 IN ISDN "isdn-address" "subaddress" +isdn03.example. 3600 IN ISDN "isdn-address" +isdn04.example. 3600 IN ISDN "isdn-address" "subaddress" +hip1.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D +hip2.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D rvs.example.com. +dnskey01.example. 3600 IN DNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8= +https0.example. 3600 IN HTTPS 0 example.net. +https1.example. 3600 IN HTTPS 1 . port=60 +keydata.example. 3600 IN TYPE65533 \# 0 +keydata.example. 3600 IN TYPE65533 \# 6 010203040506 +keydata.example. 3600 IN TYPE65533 \# 18 010203040506010203040506010203040506 +kx01.example. 3600 IN KX 10 kdc.example. +kx02.example. 3600 IN KX 10 . +loc01.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m +loc02.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m +l32.example. 3600 IN L32 10 1.2.3.4 +l64.example. 3600 IN L64 10 14:4fff:ff20:ee64 +lp.example. 3600 IN LP 10 example.net. +nid.example. 3600 IN NID 10 14:4fff:ff20:ee64 +mb01.example. 3600 IN MG madname.example. +mb02.example. 3600 IN MG . +mg01.example. 3600 IN MG mgmname.example. +mg02.example. 3600 IN MG . +minfo01.example. 3600 IN MINFO rmailbx.example. emailbx.example. +minfo02.example. 3600 IN MINFO . . +mr01.example. 3600 IN MR mrname.example. +mr02.example. 3600 IN MR . +mx01.example. 3600 IN MX 10 mail.example. +mx02.example. 3600 IN MX 10 . +naptr01.example. 3600 IN NAPTR 0 0 "" "" "" . +naptr02.example. 3600 IN NAPTR 65535 65535 "blurgh" "blorf" "blllbb" foo. +nimloc01.example. 3600 IN NIMLOC 1289AB +ninfo01.example. 3600 IN NINFO "foo" +ninfo02.example. 3600 IN NINFO "foo" "bar" +ninfo03.example. 3600 IN NINFO "foo" +ninfo04.example. 3600 IN NINFO "foo" "bar" +ninfo05.example. 3600 IN NINFO "foo bar" +ninfo06.example. 3600 IN NINFO "foo bar" +ninfo07.example. 3600 IN NINFO "foo bar" +ninfo08.example. 3600 IN NINFO "foo\010bar" +ninfo09.example. 3600 IN NINFO "foo\010bar" +ninfo10.example. 3600 IN NINFO "foo bar" +ninfo11.example. 3600 IN NINFO "\"foo\"" +ninfo12.example. 3600 IN NINFO "\"foo\"" +ninfo13.example. 3600 IN NINFO "foo;" +ninfo14.example. 3600 IN NINFO "foo;" +ninfo15.example. 3600 IN NINFO "bar\\;" +ns2.example. 3600 IN A 10.53.0.2 +ns3.example. 3600 IN A 10.53.0.3 +nsap-ptr01.example. 3600 IN NSAP-PTR . +nsap-ptr01.example. 3600 IN NSAP-PTR foo. +nsap01.example. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100 +nsap02.example. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100 +nsec01.example. 3600 IN NSEC a.secure.nil. NS SOA MX LOC RRSIG NSEC DNSKEY +nsec02.example. 3600 IN NSEC . NSAP-PTR NSEC +nsec03.example. 3600 IN NSEC . A +nsec04.example. 3600 IN NSEC . TYPE127 +openpgpkey.example. 3600 IN OPENPGPKEY AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8= +ptr01.example. 3600 IN PTR example. +px01.example. 3600 IN PX 65535 foo. bar. +px02.example. 3600 IN PX 65535 . . +rkey01.example. 3600 IN RKEY 0 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8= +rp01.example. 3600 IN RP mbox-dname.example. txt-dname.example. +rp02.example. 3600 IN RP . . +rt01.example. 3600 IN RT 0 intermediate-host.example. +rt02.example. 3600 IN RT 65535 . +rrsig01.example. 3600 IN RRSIG NSEC 1 3 3600 20000102030405 19961211100908 2143 foo.nil. MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgiWCn/GxHhai6V AuHAoNUz4YoU1tVfSCSqQYn6//11U6Nld80jEeC8aTrO+KKmCaY= +sink01.example. 3600 IN SINK 1 0 0 +sink02.example. 3600 IN SINK 8 0 2 l4ik +smimea.example. 3600 IN SMIMEA 1 1 2 92003BA34942DC74152E2F2C408D29ECA5A520E7F2E06BB944F4DCA3 46BAF63C1B177615D466F6C4B71C216A50292BD58C9EBDD2F74E38FE 51FFD48C43326CBC +spf01.example. 3600 IN SPF "v=spf1 -all" +spf02.example. 3600 IN SPF "v=spf1" " -all" +srv01.example. 3600 IN SRV 0 0 0 . +srv02.example. 3600 IN SRV 65535 65535 65535 old-slow-box.example. +sshfp01.example. 3600 IN SSHFP 4 2 C76D8329954DA2835751E371544E963EFDA099080D6C58DD2BFD9A31 6E162C83 +sshfp02.example. 3600 IN SSHFP 1 2 BF29468C83AC58CCF8C85AB7B3BEB054ECF1E38512B8353AB36471FA 88961DCC +svcb0.example. 3600 IN SVCB 0 example.net. +svcb1.example. 3600 IN SVCB 1 . port=60 +ta.example. 3600 IN TA 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9 +talink0.example. 3600 IN TALINK . talink1.example. +talink1.example. 3600 IN TALINK talink0.example. talink2.example. +talink2.example. 3600 IN TALINK talink2.example. . +tlsa.example. 3600 IN TLSA 1 1 2 92003BA34942DC74152E2F2C408D29ECA5A520E7F2E06BB944F4DCA3 46BAF63C1B177615D466F6C4B71C216A50292BD58C9EBDD2F74E38FE 51FFD48C43326CBC +txt01.example. 3600 IN TXT "foo" +txt02.example. 3600 IN TXT "foo" "bar" +txt03.example. 3600 IN TXT "foo" +txt04.example. 3600 IN TXT "foo" "bar" +txt05.example. 3600 IN TXT "foo bar" +txt06.example. 3600 IN TXT "foo bar" +txt07.example. 3600 IN TXT "foo bar" +txt08.example. 3600 IN TXT "foo\010bar" +txt09.example. 3600 IN TXT "foo\010bar" +txt10.example. 3600 IN TXT "foo bar" +txt11.example. 3600 IN TXT "\"foo\"" +txt12.example. 3600 IN TXT "\"foo\"" +txt13.example. 3600 IN TXT "foo;" +txt14.example. 3600 IN TXT "foo;" +txt15.example. 3600 IN TXT "bar\\;" +uid01.example. 3600 IN UID \# 1 02 +uinfo01.example. 3600 IN UINFO \# 1 01 +uri01.example. 3600 IN URI 10 20 "https://www.isc.org/" +uri02.example. 3600 IN URI 30 40 "https://www.isc.org/HolyCowThisSureIsAVeryLongURIRecordIDontEvenKnowWhatSomeoneWouldEverWantWithSuchAThingButTheSpecificationRequiresThatWesupportItSoHereWeGoTestingItLaLaLaLaLaLaLaSeriouslyThoughWhyWouldYouEvenConsiderUsingAURIThisLongItSeemsLikeASillyIdeaButEnhWhatAreYouGonnaDo/" +uri03.example. 3600 IN URI 30 40 "" +wks01.example. 3600 IN WKS 10.0.0.1 6 0 1 2 21 23 +wks02.example. 3600 IN WKS 10.0.0.1 17 0 1 2 53 +wks03.example. 3600 IN WKS 10.0.0.2 6 65535 +x2501.example. 3600 IN X25 "123456789" +zonemd01.example. 3600 IN ZONEMD 2019020700 1 1 C220B8A6ED5728A971902F7E3D4FD93ADEEA88B0453C2E8E8C863D46 5AB06CF34EB95B266398C98B59124FA239CB7EEB +zonemd02.example. 3600 IN ZONEMD 2019020700 1 2 08CFA1115C7B948C4163A901270395EA226A930CD2CBCF2FA9A5E6EB 85F37C8A4E114D884E66F176EAB121CB02DB7D652E0CC4827E7A3204 F166B47E5613FD27 +8f1tmio9avcom2k0frp92lgcumak0cad.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C 8FPNS2UCT7FBS643THP2B77PEQ77K6IU A NS SOA MX AAAA RRSIG DNSKEY NSEC3PARAM +kcd3juae64f9c5csl1kif1htaui7un0g.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C KD5MN2M20340DGO0BL7NTSB8JP4BSC7E +mr5ukvsk1l37btu4q7b1dfevft4hkqdk.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C MT38J6VG7S0SN5G17MCUF6IQIKFUAJ05 A AAAA RRSIG +example. 86400 IN SOA ns2.example. hostmaster.example. 1397051953 5 5 1814400 3600 diff --git a/bin/tests/system/xfer/knowngood.mapped b/bin/tests/system/xfer/knowngood.mapped new file mode 100644 index 0000000..5fcd00b --- /dev/null +++ b/bin/tests/system/xfer/knowngood.mapped @@ -0,0 +1,26 @@ + +; <<>> DiG 9.10.2-P3 <<>> -p 5300 axfr mapped @10.53.0.3 +;; global options: +cmd +mapped. 3600 IN SOA . . 0 0 0 2147483647 0 +example.aa. 3600 IN A 1.2.3.4 +example1.aa. 3600 IN A 1.2.3.4 +example.bb. 3600 IN A 1.2.3.4 +example1.bb. 3600 IN A 1.2.3.4 +example.com. 3600 IN A 1.2.3.4 +example1.com. 3600 IN A 1.2.3.4 +bar.dd. 3600 IN A 1.2.3.4 +foo.ee. 3600 IN A 1.2.3.4 +foo.ff. 3600 IN A 1.2.3.4 +foo.gg. 3600 IN A 1.2.3.4 +foo.hh. 3600 IN A 1.2.3.4 +foo.ii. 3600 IN A 1.2.3.4 +foo.jj. 3600 IN A 1.2.3.4 +foo.kk. 3600 IN A 1.2.3.4 +foo.ll. 3600 IN A 1.2.3.4 +mapped. 3600 IN NS . +mapped. 3600 IN SOA . . 0 0 0 2147483647 0 +;; Query time: 4 msec +;; SERVER: 10.53.0.3#5300(10.53.0.3) +;; WHEN: Tue Feb 16 14:38:25 EST 2016 +;; XFR size: 18 records (messages 1, bytes 468) + diff --git a/bin/tests/system/xfer/ns1/axfr-too-big.db b/bin/tests/system/xfer/ns1/axfr-too-big.db new file mode 100644 index 0000000..37987a6 --- /dev/null +++ b/bin/tests/system/xfer/ns1/axfr-too-big.db @@ -0,0 +1,15 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 3600 +@ IN SOA . . 0 0 0 0 0 +@ IN NS . +$GENERATE 1-29 host$ A 1.2.3.$ diff --git a/bin/tests/system/xfer/ns1/ixfr-too-big.db.in b/bin/tests/system/xfer/ns1/ixfr-too-big.db.in new file mode 100644 index 0000000..c192316 --- /dev/null +++ b/bin/tests/system/xfer/ns1/ixfr-too-big.db.in @@ -0,0 +1,18 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 3600 +@ IN SOA . . 0 0 0 0 0 +@ IN NS ns1 +@ IN NS ns6 +ns1 IN A 10.53.0.1 +ns6 IN A 10.53.0.6 +$GENERATE 1-25 host$ A 1.2.3.$ diff --git a/bin/tests/system/xfer/ns1/named.conf.in b/bin/tests/system/xfer/ns1/named.conf.in new file mode 100644 index 0000000..3ff6cdf --- /dev/null +++ b/bin/tests/system/xfer/ns1/named.conf.in @@ -0,0 +1,61 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +include "../../common/rndc.key"; + +controls { + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +options { + query-source address 10.53.0.1; + notify-source 10.53.0.1; + transfer-source 10.53.0.1; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.1; }; + listen-on-v6 { none; }; + recursion no; + notify yes; +}; + +zone "." { + type primary; + file "root.db"; +}; + +zone "secondary" { + type primary; + file "sec.db"; +}; + +zone "edns-expire" { + type primary; + file "edns-expire.db"; +}; + +zone "axfr-too-big" { + type primary; + file "axfr-too-big.db"; +}; + +zone "ixfr-too-big" { + type primary; + allow-update { any; }; + file "ixfr-too-big.db"; +}; + +zone "xfer-stats" { + type primary; + file "xfer-stats.db"; +}; diff --git a/bin/tests/system/xfer/ns1/root.db b/bin/tests/system/xfer/ns1/root.db new file mode 100644 index 0000000..58a675c --- /dev/null +++ b/bin/tests/system/xfer/ns1/root.db @@ -0,0 +1,27 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 300 +. IN SOA gson.nominum.com. a.root.servers.nil. ( + 2000042100 ; serial + 600 ; refresh + 600 ; retry + 1200 ; expire + 600 ; minimum + ) +. NS a.root-servers.nil. +a.root-servers.nil. A 10.53.0.1 + +example. NS ns2.example. +ns2.example. A 10.53.0.2 + +tsigzone. NS ns2.tsigzone. +ns2.tsigzone. A 10.53.0.2 diff --git a/bin/tests/system/xfer/ns1/xfer-stats.db b/bin/tests/system/xfer/ns1/xfer-stats.db new file mode 100644 index 0000000..42e1c9c --- /dev/null +++ b/bin/tests/system/xfer/ns1/xfer-stats.db @@ -0,0 +1,15 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 3600 +@ SOA . . 0 0 0 0 0 +@ NS . +$GENERATE 1-10000 $ TXT $ diff --git a/bin/tests/system/xfer/ns2/mapped.db.in b/bin/tests/system/xfer/ns2/mapped.db.in new file mode 100644 index 0000000..d928d69 --- /dev/null +++ b/bin/tests/system/xfer/ns2/mapped.db.in @@ -0,0 +1,28 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +mapped. 3600 IN SOA . . 0 0 0 2147483647 0 +example.aa. 3600 IN A 1.2.3.4 +example1.aa. 3600 IN A 1.2.3.4 +example.bb. 3600 IN A 1.2.3.4 +example1.bb. 3600 IN A 1.2.3.4 +example.com. 3600 IN A 1.2.3.4 +example1.com. 3600 IN A 1.2.3.4 +bar.dd. 3600 IN A 1.2.3.4 +foo.ee. 3600 IN A 1.2.3.4 +foo.ff. 3600 IN A 1.2.3.4 +foo.gg. 3600 IN A 1.2.3.4 +foo.hh. 3600 IN A 1.2.3.4 +foo.ii. 3600 IN A 1.2.3.4 +foo.jj. 3600 IN A 1.2.3.4 +foo.kk. 3600 IN A 1.2.3.4 +foo.ll. 3600 IN A 1.2.3.4 +mapped. 3600 IN NS . diff --git a/bin/tests/system/xfer/ns2/named.conf.in b/bin/tests/system/xfer/ns2/named.conf.in new file mode 100644 index 0000000..fbde9c1 --- /dev/null +++ b/bin/tests/system/xfer/ns2/named.conf.in @@ -0,0 +1,74 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + ixfr-from-differences yes; + check-integrity no; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +key tsigzone. { + algorithm hmac-md5; + secret "1234abcd8765"; +}; + +acl tzkey { + key tsigzone.; +}; + +zone "." { + type hint; + file "../../common/root.hint"; +}; + +zone "example" { + type primary; + file "example.db"; +}; + +zone "tsigzone" { + type primary; + file "tsigzone.db"; + allow-transfer { tzkey; }; +}; + +zone "secondary" { + type secondary; + file "sec.db"; + primaries { 10.53.0.1; }; + masterfile-format text; +}; + +zone "mapped" { + type secondary; + file "mapped.db"; + masterfile-format text; + primaries { 10.53.0.100; }; +}; diff --git a/bin/tests/system/xfer/ns2/sec.db.in b/bin/tests/system/xfer/ns2/sec.db.in new file mode 100644 index 0000000..7978598 --- /dev/null +++ b/bin/tests/system/xfer/ns2/sec.db.in @@ -0,0 +1,19 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 5 + +@ IN SOA ns1 hostmaster 1 5 5 5 5 +@ NS ns1 +ns1 A 10.53.0.1 +a01 A 1.1.1.1 +a02 A 255.255.255.255 + diff --git a/bin/tests/system/xfer/ns3/named.conf.in b/bin/tests/system/xfer/ns3/named.conf.in new file mode 100644 index 0000000..5fc0183 --- /dev/null +++ b/bin/tests/system/xfer/ns3/named.conf.in @@ -0,0 +1,79 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.3; + notify-source 10.53.0.3; + transfer-source 10.53.0.3; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.3; }; + listen-on-v6 { none; }; + recursion yes; + notify yes; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +key tsigzone. { + algorithm hmac-md5; + secret "1234abcd8765"; +}; + +zone "." { + type hint; + file "../../common/root.hint"; +}; + +zone "example" { + type secondary; + primaries { 10.53.0.2; }; + file "example.bk"; +}; + +zone "primary" { + type secondary; + primaries { 10.53.0.6; }; + file "primary.bk"; +}; + +server 10.53.0.2 { + keys { tsigzone.; }; +}; + +zone "tsigzone" { + type secondary; + primaries { 10.53.0.2; }; + file "tsigzone.bk"; + allow-transfer { key tsigzone.; }; +}; + +zone "mapped" { + type secondary; + primaries { 10.53.0.2; }; + masterfile-format map; + file "mapped.bk"; +}; + +zone "xfer-stats" { + type secondary; + primaries { 10.53.0.1; }; + file "xfer-stats.bk"; +}; diff --git a/bin/tests/system/xfer/ns4/named.conf.base b/bin/tests/system/xfer/ns4/named.conf.base new file mode 100644 index 0000000..8e77d0c --- /dev/null +++ b/bin/tests/system/xfer/ns4/named.conf.base @@ -0,0 +1,49 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.4; + notify-source 10.53.0.4; + transfer-source 10.53.0.4; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.4; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + blackhole { none; }; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +key unused_key. { + secret "1234abcd8765"; + algorithm hmac-md5; +}; + +key tsig_key. { + secret "LSAnCU+Z"; + algorithm hmac-md5; +}; + +controls { + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +zone "." { + type primary; + file "root.db"; +}; diff --git a/bin/tests/system/xfer/ns4/root.db.in b/bin/tests/system/xfer/ns4/root.db.in new file mode 100644 index 0000000..29ee0ec --- /dev/null +++ b/bin/tests/system/xfer/ns4/root.db.in @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 0 SOA . . 0 0 0 0 0 +@ 0 NS . +@ 0 A 10.53.0.4 diff --git a/bin/tests/system/xfer/ns6/named.conf.in b/bin/tests/system/xfer/ns6/named.conf.in new file mode 100644 index 0000000..636400c --- /dev/null +++ b/bin/tests/system/xfer/ns6/named.conf.in @@ -0,0 +1,69 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +include "../../common/rndc.key"; + +controls { + inet 10.53.0.6 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +options { + query-source address 10.53.0.6; + notify-source 10.53.0.6; + transfer-source 10.53.0.6; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.6; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + ixfr-from-differences primary; + check-integrity no; +}; + +zone "." { + type hint; + file "../../common/root.hint"; +}; + +zone "primary" { + type primary; + file "primary.db"; +}; + +zone "secondary" { + type secondary; + notify no; + primaries { 10.53.0.1; }; + file "sec.bk"; +}; + +zone "edns-expire" { + type secondary; + primaries { 10.53.0.1; }; + file "edns-expire.bk"; +}; + +zone "axfr-too-big" { + type secondary; + max-records 30; + primaries { 10.53.0.1; }; + file "axfr-too-big.bk"; +}; + +zone "ixfr-too-big" { + type secondary; + max-records 30; + primaries { 10.53.0.1; }; + file "ixfr-too-big.bk"; +}; diff --git a/bin/tests/system/xfer/ns7/named.conf.in b/bin/tests/system/xfer/ns7/named.conf.in new file mode 100644 index 0000000..9bd92b3 --- /dev/null +++ b/bin/tests/system/xfer/ns7/named.conf.in @@ -0,0 +1,54 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +include "../../common/rndc.key"; + +controls { + inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +options { + query-source address 10.53.0.7; + notify-source 10.53.0.7; + transfer-source 10.53.0.7; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.7; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + ixfr-from-differences secondary; + check-integrity no; +}; + +zone "." { + type hint; + file "../../common/root.hint"; +}; + +zone "primary2" { + type primary; + file "primary2.db"; +}; + +zone "secondary" { + type secondary; + primaries { 10.53.0.1; }; + file "sec.bk"; +}; + +zone "edns-expire" { + type secondary; + primaries { 10.53.0.6; }; + file "edns-expire.bk"; +}; diff --git a/bin/tests/system/xfer/ns8/example.db b/bin/tests/system/xfer/ns8/example.db new file mode 100644 index 0000000..8e8ccb9 --- /dev/null +++ b/bin/tests/system/xfer/ns8/example.db @@ -0,0 +1,24 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 300 ; 5 minutes +@ SOA mname1. . ( + 2000062101 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS ns +ns A 10.53.0.1 + +$INCLUDE large.db +$INCLUDE small.db diff --git a/bin/tests/system/xfer/ns8/named.conf.in b/bin/tests/system/xfer/ns8/named.conf.in new file mode 100644 index 0000000..22b3272 --- /dev/null +++ b/bin/tests/system/xfer/ns8/named.conf.in @@ -0,0 +1,46 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +include "../../common/rndc.key"; + +controls { + inet 10.53.0.8 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +options { + query-source address 10.53.0.8; + notify-source 10.53.0.8; + transfer-source 10.53.0.8; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.8; }; + listen-on-v6 { none; }; + recursion no; + notify no; + transfer-message-size 1024; +}; + +key key1. { + algorithm hmac-md5; + secret "1234abcd8765"; +}; + +acl tzkey { + key key1.; +}; + +zone "example." { + type primary; + file "example.db"; + allow-transfer { tzkey; }; +}; diff --git a/bin/tests/system/xfer/prereq.sh b/bin/tests/system/xfer/prereq.sh new file mode 100644 index 0000000..b262501 --- /dev/null +++ b/bin/tests/system/xfer/prereq.sh @@ -0,0 +1,35 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +if $PERL -e 'use Net::DNS;' 2>/dev/null +then + if $PERL -e 'use Net::DNS; die if ($Net::DNS::VERSION >= 0.69 && $Net::DNS::VERSION <= 0.74);' 2>/dev/null + then + : + else + echo_i "Net::DNS versions 0.69 to 0.74 have bugs that cause this test to fail: please update." >&2 + exit 1 + fi +else + echo_i "This test requires the Net::DNS library." >&2 + exit 1 +fi + +if ! $PERL -e 'use Digest::HMAC;' 2>/dev/null +then + echo_i "This test requires the Digest::HMAC Perl module." >&2 + exit 1 +fi diff --git a/bin/tests/system/xfer/setup.sh b/bin/tests/system/xfer/setup.sh new file mode 100644 index 0000000..3180a7f --- /dev/null +++ b/bin/tests/system/xfer/setup.sh @@ -0,0 +1,44 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL ../genzone.sh 1 6 7 >ns1/sec.db +$SHELL ../genzone.sh 1 6 7 >ns1/edns-expire.db +$SHELL ../genzone.sh 2 3 >ns2/example.db +$SHELL ../genzone.sh 2 3 >ns2/tsigzone.db +$SHELL ../genzone.sh 6 3 >ns6/primary.db +$SHELL ../genzone.sh 7 >ns7/primary2.db + +cp -f ns4/root.db.in ns4/root.db +$PERL -e 'for ($i=0;$i<10000;$i++){ printf("x%u 0 in a 10.53.0.1\n", $i);}' >> ns4/root.db + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns6/named.conf.in ns6/named.conf +copy_setports ns7/named.conf.in ns7/named.conf +copy_setports ns8/named.conf.in ns8/named.conf + +copy_setports ns4/named.conf.base ns4/named.conf + +cp ns2/sec.db.in ns2/sec.db +touch -t 200101010000 ns2/sec.db + +cp ns2/mapped.db.in ns2/mapped.db + +$PERL -e 'for ($i=0;$i<4096;$i++){ printf("name%u 259200 A 1.2.3.4\nname%u 259200 TXT \"Hello World %u\"\n", $i, $i, $i);}' > ns8/small.db +$PERL -e 'printf("large IN TYPE45234 \\# 48000 "); for ($i=0;$i<16*3000;$i++) { printf("%02x", $i % 256); } printf("\n");' > ns8/large.db + +cp -f ns1/ixfr-too-big.db.in ns1/ixfr-too-big.db diff --git a/bin/tests/system/xfer/tests.sh b/bin/tests/system/xfer/tests.sh new file mode 100755 index 0000000..607d68a --- /dev/null +++ b/bin/tests/system/xfer/tests.sh @@ -0,0 +1,547 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + +status=0 +n=0 + +n=$((n+1)) +echo_i "testing basic zone transfer functionality (from primary) ($n)" +tmp=0 +$DIG $DIGOPTS example. @10.53.0.2 axfr > dig.out.ns2.test$n || tmp=1 +grep "^;" dig.out.ns2.test$n | cat_i +digcomp dig1.good dig.out.ns2.test$n || tmp=1 +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +n=$((n+1)) +echo_i "testing basic zone transfer functionality (from secondary) ($n)" +tmp=0 +# +# Spin to allow the zone to transfer. +# +wait_for_xfer () { + $DIG $DIGOPTS example. @10.53.0.3 axfr > dig.out.ns3.test$n || return 1 + grep "^;" dig.out.ns3.test$n > /dev/null && return 1 + return 0 +} +retry_quiet 25 wait_for_xfer || tmp=1 +grep "^;" dig.out.ns3.test$n | cat_i +digcomp dig1.good dig.out.ns3.test$n || tmp=1 +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +n=$((n+1)) +echo_i "testing TSIG signed zone transfers ($n)" +tmp=0 +$DIG $DIGOPTS tsigzone. @10.53.0.2 axfr -y tsigzone.:1234abcd8765 > dig.out.ns2.test$n || tmp=1 +grep "^;" dig.out.ns2.test$n | cat_i + +# +# Spin to allow the zone to transfer. +# +wait_for_xfer_tsig () { + $DIG $DIGOPTS tsigzone. @10.53.0.3 axfr -y tsigzone.:1234abcd8765 > dig.out.ns3.test$n || return 1 + grep "^;" dig.out.ns3.test$n > /dev/null && return 1 + return 0 +} +retry_quiet 25 wait_for_xfer_tsig || tmp=1 +grep "^;" dig.out.ns3.test$n | cat_i +digcomp dig.out.ns2.test$n dig.out.ns3.test$n || tmp=1 +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +echo_i "reload servers for in preparation for ixfr-from-differences tests" + +rndc_reload ns1 10.53.0.1 +rndc_reload ns2 10.53.0.2 +rndc_reload ns3 10.53.0.3 +rndc_reload ns6 10.53.0.6 +rndc_reload ns7 10.53.0.7 + +sleep 2 + +echo_i "updating primary zones for ixfr-from-differences tests" + +$PERL -i -p -e ' + s/0\.0\.0\.0/0.0.0.1/; + s/1397051952/1397051953/ +' ns1/sec.db + +rndc_reload ns1 10.53.0.1 + +$PERL -i -p -e ' + s/0\.0\.0\.0/0.0.0.1/; + s/1397051952/1397051953/ +' ns2/example.db + +rndc_reload ns2 10.53.0.2 + +$PERL -i -p -e ' + s/0\.0\.0\.0/0.0.0.1/; + s/1397051952/1397051953/ +' ns6/primary.db + +rndc_reload ns6 10.53.0.6 + +$PERL -i -p -e ' + s/0\.0\.0\.0/0.0.0.1/; + s/1397051952/1397051953/ +' ns7/primary2.db + +rndc_reload ns7 10.53.0.7 + +sleep 3 + +n=$((n+1)) +echo_i "testing zone is dumped after successful transfer ($n)" +tmp=0 +$DIG $DIGOPTS +noall +answer +multi @10.53.0.2 \ + secondary. soa > dig.out.ns2.test$n || tmp=1 +grep "1397051952 ; serial" dig.out.ns2.test$n > /dev/null 2>&1 || tmp=1 +grep "1397051952 ; serial" ns2/sec.db > /dev/null 2>&1 || tmp=1 +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +n=$((n+1)) +echo_i "testing ixfr-from-differences yes; ($n)" +tmp=0 + +echo_i "wait for reloads..." +wait_for_reloads() ( + $DIG $DIGOPTS @10.53.0.6 +noall +answer soa primary > dig.out.soa1.ns6.test$n + grep "1397051953" dig.out.soa1.ns6.test$n > /dev/null || return 1 + $DIG $DIGOPTS @10.53.0.1 +noall +answer soa secondary > dig.out.soa2.ns1.test$n + grep "1397051953" dig.out.soa2.ns1.test$n > /dev/null || return 1 + $DIG $DIGOPTS @10.53.0.2 +noall +answer soa example > dig.out.soa3.ns2.test$n + grep "1397051953" dig.out.soa3.ns2.test$n > /dev/null || return 1 + return 0 +) +retry_quiet 20 wait_for_reloads || tmp=1 + +echo_i "wait for transfers..." +wait_for_transfers() ( + a=0 b=0 c=0 d=0 + $DIG $DIGOPTS @10.53.0.3 +noall +answer soa example > dig.out.soa1.ns3.test$n + grep "1397051953" dig.out.soa1.ns3.test$n > /dev/null && a=1 + $DIG $DIGOPTS @10.53.0.3 +noall +answer soa primary > dig.out.soa2.ns3.test$n + grep "1397051953" dig.out.soa2.ns3.test$n > /dev/null && b=1 + $DIG $DIGOPTS @10.53.0.6 +noall +answer soa secondary > dig.out.soa3.ns6.test$n + grep "1397051953" dig.out.soa3.ns6.test$n > /dev/null && c=1 + [ $a -eq 1 -a $b -eq 1 -a $c -eq 1 ] && return 0 + + # re-notify if necessary + $RNDCCMD 10.53.0.6 notify primary 2>&1 | sed 's/^/ns6 /' | cat_i + $RNDCCMD 10.53.0.1 notify secondary 2>&1 | sed 's/^/ns1 /' | cat_i + $RNDCCMD 10.53.0.2 notify example 2>&1 | sed 's/^/ns2 /' | cat_i + return 1 +) +retry_quiet 20 wait_for_transfers || tmp=1 + +$DIG $DIGOPTS example. \ + @10.53.0.3 axfr > dig.out.ns3.test$n || tmp=1 +grep "^;" dig.out.ns3.test$n | cat_i + +digcomp dig2.good dig.out.ns3.test$n || tmp=1 + +# ns3 has a journal iff it received an IXFR. +test -f ns3/example.bk || tmp=1 +test -f ns3/example.bk.jnl || tmp=1 + +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +n=$((n+1)) +echo_i "testing ixfr-from-differences primary; (primary zone) ($n)" +tmp=0 + +$DIG $DIGOPTS primary. \ + @10.53.0.6 axfr > dig.out.ns6.test$n || tmp=1 +grep "^;" dig.out.ns6.test$n | cat_i + +$DIG $DIGOPTS primary. \ + @10.53.0.3 axfr > dig.out.ns3.test$n || tmp=1 +grep "^;" dig.out.ns3.test$n > /dev/null && cat_i dig.out.ns3.test$n + +digcomp dig.out.ns6.test$n dig.out.ns3.test$n || tmp=1 + +# ns3 has a journal iff it received an IXFR. +test -f ns3/primary.bk || tmp=1 +test -f ns3/primary.bk.jnl || tmp=1 + +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +n=$((n+1)) +echo_i "testing ixfr-from-differences primary; (secondary zone) ($n)" +tmp=0 + +$DIG $DIGOPTS secondary. \ + @10.53.0.6 axfr > dig.out.ns6.test$n || tmp=1 +grep "^;" dig.out.ns6.test$n | cat_i + +$DIG $DIGOPTS secondary. \ + @10.53.0.1 axfr > dig.out.ns1.test$n || tmp=1 +grep "^;" dig.out.ns1.test$n | cat_i + +digcomp dig.out.ns6.test$n dig.out.ns1.test$n || tmp=1 + +# ns6 has a journal iff it received an IXFR. +test -f ns6/sec.bk || tmp=1 +test -f ns6/sec.bk.jnl && tmp=1 + +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +n=$((n+1)) +echo_i "testing ixfr-from-differences secondary; (secondary zone) ($n)" +tmp=0 + +# ns7 has a journal iff it generates an IXFR. +test -f ns7/primary2.db || tmp=1 +test -f ns7/primary2.db.jnl && tmp=1 + +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +n=$((n+1)) +echo_i "testing ixfr-from-differences secondary; (secondary zone) ($n)" +tmp=0 + +$DIG $DIGOPTS secondary. \ + @10.53.0.1 axfr > dig.out.ns1.test$n || tmp=1 +grep "^;" dig.out.ns1.test$n | cat_i + +$DIG $DIGOPTS secondary. \ + @10.53.0.7 axfr > dig.out.ns7.test$n || tmp=1 +grep "^;" dig.out.ns7.test$n | cat_i + +digcomp dig.out.ns7.test$n dig.out.ns1.test$n || tmp=1 + +# ns7 has a journal iff it generates an IXFR. +test -f ns7/sec.bk || tmp=1 +test -f ns7/sec.bk.jnl || tmp=1 + +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +n=$((n+1)) +echo_i "check that a multi-message uncompressable zone transfers ($n)" +$DIG axfr . -p ${PORT} @10.53.0.4 | grep SOA > axfr.out +if test `wc -l < axfr.out` != 2 +then + echo_i "failed" + status=$((status+1)) +fi + +# now we test transfers with assorted TSIG glitches +DIGCMD="$DIG $DIGOPTS @10.53.0.4" +SENDCMD="$PERL ../send.pl 10.53.0.5 $EXTRAPORT1" + +echo_i "testing that incorrectly signed transfers will fail..." +n=$((n+1)) +echo_i "initial correctly-signed transfer should succeed ($n)" + +$SENDCMD < ans5/goodaxfr + +# Initially, ns4 is not authoritative for anything. +# Now that ans is up and running with the right data, we make ns4 +# a secondary for nil. + +cat <<EOF >>ns4/named.conf +zone "nil" { + type secondary; + file "nil.db"; + primaries { 10.53.0.5 key tsig_key; }; +}; +EOF + +nextpart ns4/named.run >/dev/null + +rndc_reload ns4 10.53.0.4 + +wait_for_soa() ( + $DIGCMD nil. SOA > dig.out.ns4.test$n + grep SOA dig.out.ns4.test$n > /dev/null +) +retry_quiet 10 wait_for_soa + +nextpart ns4/named.run | grep "Transfer status: success" > /dev/null || { + echo_i "failed: expected status was not logged" + status=$((status+1)) +} + +$DIGCMD nil. TXT | grep 'initial AXFR' >/dev/null || { + echo_i "failed" + status=$((status+1)) +} + +n=$((n+1)) +echo_i "unsigned transfer ($n)" + +$SENDCMD < ans5/unsigned + +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i + +sleep 2 + +nextpart ns4/named.run | grep "Transfer status: expected a TSIG or SIG(0)" > /dev/null || { + echo_i "failed: expected status was not logged" + status=$((status+1)) +} + +$DIGCMD nil. TXT | grep 'unsigned AXFR' >/dev/null && { + echo_i "failed" + status=$((status+1)) +} + +n=$((n+1)) +echo_i "bad keydata ($n)" + +$SENDCMD < ans5/badkeydata + +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i + +sleep 2 + +nextpart ns4/named.run | grep "Transfer status: tsig verify failure" > /dev/null || { + echo_i "failed: expected status was not logged" + status=$((status+1)) +} + +$DIGCMD nil. TXT | grep 'bad keydata AXFR' >/dev/null && { + echo_i "failed" + status=$((status+1)) +} + +n=$((n+1)) +echo_i "partially-signed transfer ($n)" + +$SENDCMD < ans5/partial + +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i + +sleep 2 + +nextpart ns4/named.run | grep "Transfer status: expected a TSIG or SIG(0)" > /dev/null || { + echo_i "failed: expected status was not logged" + status=$((status+1)) +} + +$DIGCMD nil. TXT | grep 'partially signed AXFR' >/dev/null && { + echo_i "failed" + status=$((status+1)) +} + +n=$((n+1)) +echo_i "unknown key ($n)" + +$SENDCMD < ans5/unknownkey + +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i + +sleep 2 + +nextpart ns4/named.run | grep "tsig key 'tsig_key': key name and algorithm do not match" > /dev/null || { + echo_i "failed: expected status was not logged" + status=$((status+1)) +} + +$DIGCMD nil. TXT | grep 'unknown key AXFR' >/dev/null && { + echo_i "failed" + status=$((status+1)) +} + +n=$((n+1)) +echo_i "incorrect key ($n)" + +$SENDCMD < ans5/wrongkey + +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i + +sleep 2 + +nextpart ns4/named.run | grep "tsig key 'tsig_key': key name and algorithm do not match" > /dev/null || { + echo_i "failed: expected status was not logged" + status=$((status+1)) +} + +$DIGCMD nil. TXT | grep 'incorrect key AXFR' >/dev/null && { + echo_i "failed" + status=$((status+1)) +} + +n=$((n+1)) +echo_i "bad message id ($n)" + +$SENDCMD < ans5/badmessageid + +# Uncomment to see AXFR stream with mismatching IDs. +# $DIG $DIGOPTS @10.53.0.5 -y tsig_key:LSAnCU+Z nil. AXFR +all + +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i + +sleep 2 + +msg="detected message ID mismatch on incoming AXFR stream, transfer will fail in BIND 9.17.2 and later if AXFR source is not fixed" +nextpart ns4/named.run | grep "$msg" > /dev/null || { + echo_i "failed: expected status was not logged" + status=$((status+1)) +} + +$DIGCMD nil. TXT | grep 'bad message id' >/dev/null || { + echo_i "failed" + status=$((status+1)) +} + +n=$((n+1)) +echo_i "mismatched SOA ($n)" + +${SENDCMD} < ans5/soamismatch + +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i + +sleep 2 + +nextpart ns4/named.run | grep "Transfer status: FORMERR" > /dev/null || { + echo_i "failed: expected status was not logged" + status=$((status+1)) +} + +$DIGCMD nil. TXT | grep 'SOA mismatch AXFR' >/dev/null && { + echo_i "failed" + status=$((status+1)) +} + +n=$((n+1)) +echo_i "check that we ask for and get a EDNS EXPIRE response ($n)" +# force a refresh query +$RNDCCMD 10.53.0.7 refresh edns-expire 2>&1 | sed 's/^/ns7 /' | cat_i +sleep 10 + +# there may be multiple log entries so get the last one. +expire=`awk '/edns-expire\/IN: got EDNS EXPIRE of/ { x=$9 } END { print x }' ns7/named.run` +test ${expire:-0} -gt 0 -a ${expire:-0} -lt 1814400 || { + echo_i "failed (expire=${expire:-0})" + status=$((status+1)) +} + +n=$((n+1)) +echo_i "test smaller transfer TCP message size ($n)" +$DIG $DIGOPTS example. @10.53.0.8 axfr \ + -y key1.:1234abcd8765 > dig.out.msgsize.test$n || status=1 + +$DOS2UNIX dig.out.msgsize.test$n >/dev/null 2>&1 + +bytes=`wc -c < dig.out.msgsize.test$n` +if [ $bytes -ne 459357 ]; then + echo_i "failed axfr size check" + status=$((status+1)) +fi + +num_messages=`cat ns8/named.run | grep "sending TCP message of" | wc -l` +if [ $num_messages -le 300 ]; then + echo_i "failed transfer message count check" + status=$((status+1)) +fi + +n=$((n+1)) +echo_i "test mapped zone with out of zone data ($n)" +tmp=0 +$DIG -p ${PORT} txt mapped @10.53.0.3 > dig.out.1.test$n +grep "status: NOERROR," dig.out.1.test$n > /dev/null || tmp=1 +stop_server ns3 +start_server --noclean --restart --port ${PORT} ns3 +check_mapped () { + $DIG -p ${PORT} txt mapped @10.53.0.3 > dig.out.2.test$n + grep "status: NOERROR," dig.out.2.test$n > /dev/null || return 1 + $DIG -p ${PORT} axfr mapped @10.53.0.3 > dig.out.3.test$n + digcomp knowngood.mapped dig.out.3.test$n || return 1 + return 0 +} +retry_quiet 10 check_mapped || tmp=1 +[ "$tmp" -ne 0 ] && echo_i "failed" +status=$((status+tmp)) + +n=$((n+1)) +echo_i "test that a zone with too many records is rejected (AXFR) ($n)" +tmp=0 +grep "'axfr-too-big/IN'.*: too many records" ns6/named.run >/dev/null || tmp=1 +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +n=$((n+1)) +echo_i "test that a zone with too many records is rejected (IXFR) ($n)" +tmp=0 +nextpart ns6/named.run > /dev/null +$NSUPDATE << EOF +zone ixfr-too-big +server 10.53.0.1 ${PORT} +update add the-31st-record.ixfr-too-big 0 TXT this is it +send +EOF +msg="'ixfr-too-big/IN' from 10.53.0.1#${PORT}: Transfer status: too many records" +wait_for_log 10 "$msg" ns6/named.run || tmp=1 +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +n=$((n+1)) +echo_i "checking whether dig calculates AXFR statistics correctly ($n)" +tmp=0 +# Loop until the secondary server manages to transfer the "xfer-stats" zone so +# that we can both check dig output and immediately proceed with the next test. +# Use -b so that we can discern between incoming and outgoing transfers in ns3 +# logs later on. +wait_for_xfer() ( + $DIG $DIGOPTS +noedns +stat -b 10.53.0.2 @10.53.0.3 xfer-stats. AXFR > dig.out.ns3.test$n + grep "; Transfer failed" dig.out.ns3.test$n > /dev/null || return 0 + return 1 +) +if retry_quiet 10 wait_for_xfer; then + get_dig_xfer_stats dig.out.ns3.test$n > stats.dig + diff axfr-stats.good stats.dig || tmp=1 +else + echo_i "timed out waiting for zone transfer" +fi +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +# Note: in the next two tests, we use ns3 logs for checking both incoming and +# outgoing transfer statistics as ns3 is both a secondary server (for ns1) and a +# primary server (for dig queries from the previous test) for "xfer-stats". +n=$((n+1)) +echo_i "checking whether named calculates incoming AXFR statistics correctly ($n)" +tmp=0 +get_named_xfer_stats ns3/named.run 10.53.0.1 xfer-stats "Transfer completed" > stats.incoming +diff axfr-stats.good stats.incoming || tmp=1 +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +n=$((n+1)) +echo_i "checking whether named calculates outgoing AXFR statistics correctly ($n)" +tmp=0 +check_xfer_stats() { + get_named_xfer_stats ns3/named.run 10.53.0.2 xfer-stats "AXFR ended" > stats.outgoing + diff axfr-stats.good stats.outgoing > /dev/null +} +retry_quiet 10 check_xfer_stats || tmp=1 +if test $tmp != 0 ; then echo_i "failed"; fi +status=$((status+tmp)) + +echo_i "exit status: $status" +[ $status -eq 0 ] || exit 1 |